If I were to give someone two 4096-bit keys, and say one was generated in a Linux OS with very very low entropy available, and one was generated in a Linux OS with more than enough entropy.
Would ...

I have a system where tens of thousands of users log in whenever they like and my server has to assign them to one of many databases. I would like to distribute the users evenly amongst the databases. ...

I'm using Postgres's uuid_generate_v4 in a uuid primary key column to generate secure one-time authentication tokens. Is this okay? Does Postgres use a secure random number source for generating these ...

I have written my own random number generator as a C library and I tested it on NIST Statistical Test Suite.
Now I would like to get a certification to have a formal proof that my C library generates ...

Is there any reason to believe that the hardware RNG in an Intel Celeron CPU is more unreliable than in other CPUs?
Can someone confirm that what Linus Torvalds says is true, namely that Linux does ...

I am trying to evaluate a noise-source as a means of providing entropy to a random number generator. I am running into trouble when it comes to determining the probability distribution that has the ...

Since the Linux RNG which provides /dev/random (and by extension /dev/urandom) is seeded by "mouse and keyboard activity, disk I/O operations, and specific interrupts" (source, PDF) and since virtual ...

One of the ways that RSA keys get consistently owned is when they're generated without enough entropy. Dan Kaminsky refers to a study which found that 1 in 200 RSA keys were badly generated and these ...

I'm researching how my smart card's chipset generates random numbers. According to a source in forums the YubiKey NEO is based on the A700x chipset from NXP. The page for the chipset indicates that ...

What is the concrete advantage of using random PIDs instead of traditional sequential ones?
Some time ago, I read an article in the French magazine MISC (no. 74 - July/August, 2014) publishing a ...

I need to generate many many initialization vectors and session keys in C++ code. I am wondering if arc4random is up to the task. Last I heard, there are many weaknesses in the RC4 cipher. Should I ...

Is it okay to store single-use beta keys in plain-text in the database? I'll be pre-generating and storing about 2M keys. The keys get passed around so that people can sign up with it, rather than let ...

I've created a few encrypted devices with LUKS and cryptsetup on Linux and am pretty comfortable with disk encryption in this regard.
I've seen it mentioned in many different places that when setting ...

Is it possible to make a more secure random number generator (e.g. for cryptologic purposes) by combining two or more less secure random number generator algorithms using XOR? Here is an example of ...

I'm sure I will be quickly corrected if this is a stupid idea, or if it has already been tried. My question is: has this idea been tried before? If not, are there good reasons it would not work, or ...

Anyone who has generated large GPG public/private keypairs has come across this annoying message: "Not enough random bytes available. Please do some other work to give the OS a chance to collect more ...

What I have: A large file containing lots of secret, true-random bytes (yes, I'm sure they're not merely pseudo-random). I'll call it F.
What I want to do: Tell Linux that it can use this file as an ...

A security conscious friend of mine was attempting to generate entropy using random dice rolls to generate a random password, and I became curious about the security of random number generators and ...

Pseudorandom generators (PRG) are functions that take a small random input (called the seed) and map it into a much larger output.
However, the mapping process must be unpredictable in order for the ...

One of my colleagues is working on securing OAuth 2 client IDs and secrets for our OAuth server and he has come up with this scheme where he would not only use UUID v4 to generate random values, but ...

I have been using GUIDs as un-guessable tokens in various situations for some time. I came across this question/answer which seems to suggest that while this is ok in some situations, it should not ...

I know that there are already tools out there to generate cryptographic random numbers, but I was wondering if using AES could do the same.
For example, I have a secret key for AES on my server and a ...

I want to build some short URLs for uploaded files and links on my own server. Simple enough, I upload files and my script returns me a link. On access, the link is translated to the file and download ...

Suppose one wants to setup a cryptographic protocol in which 2 parties communicate using an encryption scheme that produces encrypted messages indistinguishable from random data (the desired property) ...